Home / server / Questions / 345911
Accepted
KodeTitan
Asked: 2012-01-03 08:19:46 +0800 CST

How do you open up debug logging for BIND on Ubuntu?

  • 772

I have a BIND server running on Ubuntu that is failing to lookup www.microsoft.com or any records at Microsoft. All other domains like google.com and yahoo.com seem to be working just fine. I am looking for some suggestions on how to improve logging to figure out why BIND is having problems with this domain.

I already am capturing the query channel into the default_syslog and see the queries coming to the server, but I don't see the result of the efforts of the BIND server in trying to find the IP address of these names.

Symptoms

> ping www.microsoft.com fails on lookup, indicates host is not found

> dig @A.B.C.D www.microsoft.com also times out, where A.B.C.D is the IP address of this internal DNS server.

other queries seem to work fine

At this time, I am using db.root for the root servers and have no forwarders setup in this configuration. I would expect this server to be determining the root servers of microsoft.com and then being able to find the records from there. Thank you for any suggestions on how to improve logging detail in BIND and where to look for the log messages.

ubuntu domain-name-system bind

2 Answers

  1. Best Answer

    How to see what's going on:

    • To view what the server is doing live, if you have rndc configured run rndc trace x (where x is the debugging level you want to view).

    • To view what the server is doing live without rndc you'll have to run the server in foreground mode named -g -d x (where x is again is the debug level).

    • To configure logging to a file, open named.conf and edit/add a logging section such as:

      logging {
        channel default_file {
                file "/var/log/named.log" size 10m;
                severity info;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default{ default_file; };
};

      Note that this configures the logging for "info" level and higher. This dumps quite a bit of information for a live server. Possible values include "extra", "debug", "info", "error", "fatal", and "dynamic" (a value for -d must be provided on the command line for dynamic).

    What's wrong with your server:

    Your server is looping back to itself while trying to recursively resolve the domain. Since this is only happening for one domain that you know if, it's likely a problem in your hosts file or in your named.conf file (probably the latter).

    Getting request failed: duplicate query is almost always a problem with a forwarders directive that loops back to the server or something similar.

    • 13

  2. This may be a cache problem. Have you tried to flush cache?

    rndc flush # all entries

rndc flushname microsoft.com # all entries for microsoft.com supported from bind 9.3
    • 1